Skip to Content
louisville.edu
My Accounts
Email
ULink
WorkdayHR
PeopleSoft HR
PeopleSoft Campus Solutions
PeopleSoft Financials
Blackboard
Business Ops
CardSmart
CardBox
Cardinal Careers
Plone
louisville.edu
My Accounts
Email
ULink
WorkdayHR
PeopleSoft HR
PeopleSoft Campus Solutions
PeopleSoft Financials
Blackboard
Business Ops
CardSmart
CardBox
Cardinal Careers
Plone
Expand Search Menu
Search
All Sites
This Site
Search Query
Go
Search
Apply
Undergraduate
Transfer
Graduate
Dentistry
Law
Medicine
MBA
International
Online Learning
Donate
Campuses
Belknap
HSC
Online
Information Security Office
Navigation
Home
Information Security Program
Expand Policies & Standards Submenu
Policies & Standards
University Policy Statement
Policies & Standards List
Policies and Standards Overview
Policy Foundation and Management
Policy Exception Process/Forms
Data Classification and Handling
Information Security Glossary
Policies & Standards
Policies & Standards Dropdown Toggle
University Policy Statement
Policies & Standards List
Policies and Standards Overview
Policy Foundation and Management
Policy Exception Process/Forms
Data Classification and Handling
Information Security Glossary
Expand Awareness & Training Submenu
Awareness & Training
Additional Compliance Training
Introduction to Cyber Security Awareness Month
Cyber Security Awareness
Phishing Awareness and Tips
Awareness & Training
Awareness & Training Dropdown Toggle
Additional Compliance Training
Introduction to Cyber Security Awareness Month
Cyber Security Awareness
Phishing Awareness and Tips
Expand Incident Reporting Submenu
Incident Reporting
Reporting an Incident
Incident Forms
Vendor / External Party Incident Reporting
Incident Reporting
Incident Reporting Dropdown Toggle
Reporting an Incident
Incident Forms
Vendor / External Party Incident Reporting
Expand Tools & Resources Submenu
Tools & Resources
Forms and Templates
How To
Tools and Tips
Frequently Asked Questions
Links - Additional Compliance Offices
Information Security Glossary
Tools & Resources
Tools & Resources Dropdown Toggle
Forms and Templates
How To
Tools and Tips
Frequently Asked Questions
Links - Additional Compliance Offices
Information Security Glossary
Tools & Resources
Forms and Templates
Policy / Compliance Exception Request Form
Vendor Assessment Process
Vendor Control Questionnaire
How To
Tools and Tips
Frequently Asked Questions
Links - Additional Compliance Offices
Information Security Glossary
Home
/
Tools & Resources
/
Forms and Templates
/
Policy / Compliance Exception Request Form
Policy / Compliance Exception Request Form
This form is used when a Information Security policy exception is needed.
Department Name
Full Name
Your E-Mail Address
Date Needed
Duration of Need
Policy Exception Description
Please include the policy number and description also.
Audience: who will be utilizing the system and data that you are requesting?
Explanation of why the exception is needed. This should include an explanation as to the inability to utilize existing technologies.
Compliance: Is the data held within this system regulated by laws?
Consider the following: HIPAA, FERPA, PCI, or NIH Grant regulations.
Data definition: please describe the types of data that will be hosted, processed or used. Assess and then discribe the sensitivity of the data per the sensitive information definition here.
http://louisville.edu/security/files/InformationManagementandClassification_Standard.pdf
Mitigation controls: please explain how risks will be mitigated to exceed or be equal to that of existing policy requirements.
Physical security: please list all physical security controls here.
Third party involvement: please include additional information regarding any third party involvement in the use of the data or access to the system.
Maintenance Plan: Be prepared to submit a policy and procedure for conducting regular maintenance on this system prior to approval.
Tools & Resources
Forms and Templates
Policy / Compliance Exception Request Form
Vendor Assessment Process
Vendor Control Questionnaire
How To
Tools and Tips
Frequently Asked Questions
Links - Additional Compliance Offices
Information Security Glossary
